PERSONAL DATA PROTECTION POLICY

Our Privacy PolicyIn accordance with the Personal Data Protection Act 2012 (“PDPA”), we would like to ensure your privacy and will continue to comply with the PDPA by keeping your personal data within legal, regulatory and operational obligations and have in place robust security measures to safeguard it.

The personal information we have collected from you / are requesting is for operational purposes and to maintain our relationship with you. We will never reveal, share, sell or make public this information for any reason. Your personal data is kept confidential and secure. We are committed to safeguarding our stakeholders’ privacy with utmost care.

Do note that as your personal data is under the care of ONG&ONG Group, it may be shared with our ONG&ONG subsidiaries. Please rest assured that we require that they strictly adhere to our stringent data protection standards. The ONG&ONG Group’s PDPA Policy may be found on our website.

If you prefer not to receive any mailers or would like us to update your information or if you have questions regarding our privacy policy, please contact us.

ONG&ONG Group PDPA POLICY

PDPA PolicyThis PDPA Policy sets out how ONG&ONG Group (“GBC”) manages Personal Data as required under the Singapore Personal Data Protection Act 2012 (“the Act”) and all the associated regulations and guidelines as may from time to time be issued by the Personal Data Protection Commission (“PDPC”) of Singapore so that you know and understand the purposes for which we collect, use and disclose your Personal Data.

By submitting your information to us, you agree and consent to GBC and its related subsidiaries (collectively, the "Companies"), collecting, using, disclosing and sharing amongst themselves your Personal Data, and disclosing such Personal Data to the Companies' authorised relevant third parties in the manner set forth in this PDPA Policy.

This PDPA Policy supplements but does not supersede nor replace any other consent(s) you may have previously provided to the Companies in respect of your Personal Data, and your consent to this PDPA Policy is in addition to any rights that any of the Companies may have at law to collect, use or disclose your Personal Data.

GBC may from time to time update this PDPA Policy to ensure that this PDPA Policy is consistent with our future developments, industry trends and/or any changes to the legal or regulatory requirements. In the circumstances, all communications, transactions and dealings with us shall be subject always to the latest version of this PDPA Policy in force at the time. Unless you inform us in writing to the contrary, you agree to be bound by the prevailing terms of the PDPA Policy as updated from time to time on our website http://www.group.ong-ong.com/ and the Companies shall be allowed to collect, use and disclose your Personal Data as permitted under the Act and all the associated regulations and guidelines as may from time to time be issued by the PDPC. Please check back regularly for updated information on the handling of your Personal Data.

1. Personal Data0.1 In this PDPA Policy, “Personal Data” refers to any data, whether true or not, about an individual who can be identified (a) from that data; or (b) from that data and other information to which we have or are likely to have access, including data in our records as may be updated from time to time.

0.2 Examples of such Personal Data you may provide to us from time to time (depending on the nature of your interaction with us) includes, but not limited to, your name, NRIC, passport or other identification number, telephone number(s), mailing address, email address, network data or any other information relating to any individuals which you have provided us in any forms you may have submitted to us, or via other forms of interaction with you.

2. Collection of Personal Data0.1 Generally, we collect Personal Data in the following manners:

(a) when you submit an application form or other forms relating to any of our Design Consultancy Services;(b) when you interact with our employees, for example, via telephone calls, letters, face-to-face meetings and emails;

(c) when you use any of our services, for example, websites and apps;

(d) when you request that we contact you, be included in an email or other mailing list;

(e) when you provide us with additional Personal Data in response to our request;

(f) when we receive references from business partners and third parties, for example, where you have been referred by them;

(g) when you submit your Personal Data to us for any other reasons; or

(h) when you make your Personal Data available to the public for any reason.

0.2 When you browse our website, you generally do so anonymously and we do not collect your Personal Data at our website unless you provide such information or login with your account credentials. Please see section 5 below on use of cookies.

0.3 If you provide us with any Personal Data relating to a third party (e.g. information of your spouse, children, parents, and/or employees), by submitting such information to us, you represent to us that you have obtained the consent of the third party to provide us with their Personal Data for the respective purposes.

0.4 As we rely on your Personal Data to provide services to you, you should ensure that at all times, all Personal Data submitted to us is complete, accurate, true and correct, and it is important for you to update us in a timely manner of any and all changes to the same. Failure on your part to do so may result in our inability to provide you with the operational services you have requested.

3. Purposes for the Collection, Use and Disclosure of Your Personal Data0.1 GBC collects, uses and discloses your Personal Data for the following purposes:

(a) responding to your queries and requests;

(b) evaluating and processing your requests for any of the services offered or distributed by us (including but not limited to third party services);

(c) evaluating and determining the terms of such offering or distribution;

(d) providing the services requested;

(e) managing the administrative and business operations of GBC and complying with internal policies and procedures;

(f) managing your business, obligations and relationship with us and our obligations to you;

(g) conducting research (whether conducted by us or by a third party) for the purposes of developing or improve our services, service quality, security and marketing strategies (including but not limited to that provided by third parties;

(h) offering and marketing to you, in various modes, any services, special offers, promotions, workshops, seminars or events provided by us which we think may be of interest to you;

(i) mailing out any materials relating to the services provided by us which we think may be of interest to you;

(j) facilitating any proposed or actual business asset transactions, assignment or transfer, participation or sub-participation in any of our rights or obligations or involving any of the other Companies;

(k) generating financial, management or other related reports and performance of analytics;

(l) matching any Personal Data held which relates to you for any of the purposes listed herein;

(m) resolving complaints and handling requests and enquiries;

(n) performing verification and such security checks as we may reasonably require to detect, prevent and/or investigate any crime, offence or breaches of terms of agreement;

(t) meeting or complying with any applicable rules, laws, regulations, codes of practice or guidelines, orders or requests issued by any court, legal or regulatory bodies (both national and international) which are binding on GBC (including but not limited to responding to regulatory complaints, disclosing to regulatory bodies and conducting audit checks, due diligence and investigations);

(u) performing audit checks and for legal purposes (including but not limited to seeking advice and enforcing our legal rights, drafting and reviewing of documents and facilitating dispute resolution); and

(k) purposes which are reasonably related to the aforesaid.

0.2 You may at any time withdraw any consent given, in respect of the collection, use or disclosure by us of your Personal Data, for any purpose by contacting us at the contact details as provided below.

0.3 Should you wish to withdraw your consent for marketing materials/communication, please be aware that it may take up to 28 working days upon our receipt of your notice of withdrawal for the withdrawal to be reflected in our systems. Therefore, you may still receive marketing materials/communication during this period of time. Please note that even if you withdraw your consent for the receipt of marketing materials, we may still contact you for other purposes in relation to Design Consultancy Services, Project Management Consultancy Services, Design & Build Services and any other related services that you hold or have with OOG.

4. Disclosure of Personal DataGBC will take reasonable steps to protect your Personal Data against unauthorised disclosure. In the course of our business, we may, to the extent permitted by applicable laws and/or regulations, disclose your Personal Data, for the purposes listed above (where applicable), to the following:

0.1 Companies and employees to provide services to you, address your questions and requests in relation to your service accounts with us;

0.7 relevant government regulators, statutory boards or authorities or law enforcement agencies to comply with any laws, rules, guidelines and regulations or schemes imposed by any governmental authority;

0.8 any other party to whom you authorise us to disclose your Personal Data to; and

0.9 companies, authorities, parties or persons providing services relating to learning, training and development for OOG.

5. Use of Cookies and other Technologies0.1 Many website and mobile applications use “cookies”. A cookie is a small text file that a website or mobile application can send and store on your computer or mobile device when you visit certain websites. GBC uses cookies on its websites for the following purposes:

(a) enabling certain features and functions on our websites, e.g. browsing and other service preferences;

(b) building up a general usage profile of the website;

(c) improving the efficiency of our website;

(d) administering services to you; and

(e) establishing usage statistics

0.2 Most internet browsers provide you the option of disabling the processing of cookies (please see the “help” section of your browser), but this may result in the loss of functionality, restrict your use of our website and/or delay or affect the way in which it operates.

0.3 GBC is not responsible for the Personal Data policies (including Personal Data protection and cookies), content or security of any third party websites linked to the GBC website.

6.Retention of InformationWe will retain your Personal Data for the purposes described in this PDPA Policy until it is reasonable to assume that the purpose for which your Personal Data was collected is no longer being served by its retention, and retention is no longer necessary for legal or business purposes.

7. Your Rights – Withdrawal of Consent, Access and Correction of your Personal Data0.1 If you:(a) have any questions or feedback relating to your Personal Data or our PDPA Policy;

(b) would like to withdraw your consent to any use of your Personal Data as set out in this PDPA Policy; or

(c) would like to obtain access and make corrections to your Personal Data records held by us, please contact GBC as follows:

0.2 Please note that if your Personal Data has been provided to us by a third party (e.g. a referrer), you should contact that organisation or individual to make such queries, complaints, and access and correction requests to GBC on your behalf.

0.3 If you withdraw your consent to any or all use of your Personal Data, depending on the nature of your request, GBC may not be in a position to carry on certain business with to you, administer any contractual relationship in place, which in turn may also result in the termination of any agreements with OOG, and your being in breach of your contractual obligations or undertakings. OOG’s legal rights and remedies in such event are expressly reserved.

8. Governing LawThis PDPA Policy and your use of this website shall be governed in all respects by the laws of Singapore.

9. DisclaimerTo the maximum extent permitted by law, we shall not be liable in any event for any special, exemplary, punitive, indirect, incidental or consequential damages of any kind or for any loss of reputation or goodwill, whether based on contract, tort (including negligence), equity, strict liability, statute or otherwise, suffered as a result of unauthorised or unintended use, access or disclosure of your Personal Data.